NTP authentication is a recommended security best practice. There are a lot of documents out there on how to set up NTP authentication between two Cisco IOS devices, but anything covering Cisco and Linux is few and far between.

I have set up a Linux server (Red Hat/CentOS) that will act as an upstream proxy to pool.ntp.org. NTP authentication will be enabled on the Linux box so that the downstream Cisco IOS box (router/switch) can be configured with authentication.

CentOS Server config

Start with installing and starting NTP.

sudo yum install ntp
sudo systemctl start ntpd.service

... don't forget to open the firewall...

sudo firewall-cmd --permanent --zone=public --add-port=123/udp
sudo firewall-cmd --reload

Next, add a key to /etc/ntp/keys...

# For more information about this file, see the man page ntp_auth(5).
#
# id type key
1 M Cisco123

What I've done here is add a key with id 1 of type MD5 (authentication); the key is Cisco123.

Don't move on to the IOS box until ntpq shows a * next to one of the upstream servers. You need the clocks synced on the Linux box before the IOS one will work. It should take at least 5 minutes to sync up; if you are having issues, manually set the Linux clock to within a minute and restart the NTP service.
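To show what a type M key does on the wire, the following is an added example, not part of the original post or of ntpd: the sender appends the key id and MD5(key || packet) to the NTP packet, and the receiver recomputes the digest with the key stored under that id. The function names, the constructed sample packet, and the restriction to a 48-byte header without extension fields are assumptions of the example.

```python
import hashlib
import hmac
import struct

# Same contents as the /etc/ntp/keys file shown above.
KEYS_FILE = """\
# id type key
1 M Cisco123
"""

# Constructed sample: 48-byte NTP header, first byte 0x23 = LI 0, version 4, mode 3 (client).
PACKET = b"\x23" + bytes(47)


def parse_keys(text):
    """Return {key_id: key_bytes} for the MD5 ('M') entries of a keys file."""
    keys = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        key_id, key_type, key = line.split(None, 2)
        if key_type.upper() in ("M", "MD5"):
            keys[int(key_id)] = key.encode("ascii")
    return keys


def sign(packet, key_id, key):
    """Sender side: append the MAC = 4-byte key id + MD5(key || packet)."""
    digest = hashlib.md5(key + packet).digest()
    return packet + struct.pack("!I", key_id) + digest


def verify(message, keys):
    """Receiver side: look the key up by id, recompute the digest, compare."""
    if len(message) != 48 + 4 + 16:
        return False
    packet, mac = message[:48], message[48:]
    (key_id,) = struct.unpack("!I", mac[:4])
    if key_id not in keys:
        return False  # unknown key id: treat as unauthenticated
    expected = hashlib.md5(keys[key_id] + packet).digest()
    return hmac.compare_digest(mac[4:], expected)


if __name__ == "__main__":
    keys = parse_keys(KEYS_FILE)
    print(verify(sign(PACKET, 1, b"Cisco123"), keys))   # matching id and key
    print(verify(sign(PACKET, 1, b"cisco123"), keys))   # same id, wrong key
```

The packet itself stays in clear text; the key only proves which side produced it, so the id and the key string must match exactly (including case) on both ends.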

Cisco IOS Config

My Cisco router is 1.1.1.1 and my Linux server is 1.1.1.2; make sure both boxes can ping each other ;-)